License compliance: many Open Source licenses coexist in the software ecosystem. Before integrating a third-party piece of code, it is essential to ensure that its license is compatible with the intended distribution format. The risk here is essentially legal and financial;
Security: a clear view of the versions of the Open Source components present in your code base makes it possible to protect against known vulnerabilities (CVE) and weaknesses (CWE);
Obsolescence: in Open Source, many projects emerge but show little resistance to the erosion of time. Before using a component, checking its durability and its regular evolution limits the risk of obsolescence. Beyond the sustainability of a community and its component, obsolescence can also be caused by development teams failing to update the component to recent (and available) versions, which can add new features and/or fix bugs or vulnerabilities.
Open Source Software Checklist:
Since developers integrate these third-party components into applications, it is important to make sure that the necessary thought process and practices become natural when choosing a component: